Monday, April 25, 2016

Growing e-commerce in
India has resulted in an increase in websites and mobile applications
among Indian masses. Some business models depend upon websites
whereas others are exclusive application based models. Further, many
entrepreneurs have decided to explore mobile application based
business models alone.

Surprisingly, there is a
tendency among the application developers as well as its users to
ignore the applicable legal
requirements of India. For instance, privacy, data
security, data protection and cyber law compliances are mandatory in
India. Yet neither the application developers nor the entrepreneurs
using the same are complying with these legal compliances.

Many mobile based
application and software providers are exploring the areas like
m-health, telemedicine, e-commerce, mobile payment, online payment,
cyber security, cloud computing, online gaming including poker,
online pharmacies, Bitcoins exchanges, etc. For instance, Apple is
planning to launch mobile payment service through Touch ID. In order
to ensure that Apple complies with laws of different jurisdictions,
Apple has also removed the blockchain application from its store.
Similarly, Twitter is also planning to use its platform to enter
e-commerce market world over.

These ventures have made
the websites and application developers liable under the laws
of different jurisdictions simultaneously. The conflict
of laws in cyberspace has also complicated the penal
liability of these application providers in different jurisdictions.
If the application developers are based in India and they wish to
raise funds from foreign investors, these application providers must
also take care of cyber
law due diligence requirements (PDF) as prescribed by
Indian laws. Besides, the foreign investors investing in Indian
applications would also conduct their own cyber
law due diligence to ensure that Indian applications are
in compliance with Indian laws.

Presently India and
foreign application developers are in direct violation of various
Indian laws and corresponding regulations. These include cyber law
due diligence, internet intermediary liabilities, encryption related
violations, cloud related violations, data
protection and privacy regulations (PDF), etc. Most of
them are not even aware about the encryption laws of India that have
to be complied with.

There are mobile
applications that accesses and uses mobile phone owner’s data,
information, SMS, contact details, phone books, etc without owner’s
permission. Further, there are many application providers that store
such information and data outside India on foreign servers. Many time
these data and information includes private, sensitive and crucial
information that are not authorised to be viewed and used by such
application providers.

The cyber litigations
against foreign websites and application providers would increase in
India in the near future. It is in the long term interest of Indian
and foreign application providers to ensure techno legal compliances
so that they are not prosecuted in India.